{"title":"扩展密码密钥交换协议不受字典攻击","authors":"David P. Jablon","doi":"10.1109/ENABL.1997.630822","DOIUrl":null,"url":null,"abstract":"Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password C to Bob, who has a stored verifier S, where S=g/sup C/ mod p. They perform a SPEKE exchange based on the shared secret S to derive ephemeral shared key K/sub 1/. Bob chooses a random X and sends g/sup X/ mod p. Alice computes K=g/sup XC/ mod p, and proves knowledge of {K/sub 1/,K/sub 2/}. Bob verifies this result to confirm that Alice knows C. Implementation issues are summarized, showing the potential for improved performance over Bellovin and Merritt's comparably strong Augmented-Encrypted Key Exchange. These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.","PeriodicalId":334410,"journal":{"name":"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"172","resultStr":"{\"title\":\"Extended password key exchange protocols immune to dictionary attack\",\"authors\":\"David P. Jablon\",\"doi\":\"10.1109/ENABL.1997.630822\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password C to Bob, who has a stored verifier S, where S=g/sup C/ mod p. They perform a SPEKE exchange based on the shared secret S to derive ephemeral shared key K/sub 1/. Bob chooses a random X and sends g/sup X/ mod p. Alice computes K=g/sup XC/ mod p, and proves knowledge of {K/sub 1/,K/sub 2/}. Bob verifies this result to confirm that Alice knows C. Implementation issues are summarized, showing the potential for improved performance over Bellovin and Merritt's comparably strong Augmented-Encrypted Key Exchange. These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.\",\"PeriodicalId\":334410,\"journal\":{\"name\":\"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises\",\"volume\":\"66 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"172\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ENABL.1997.630822\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ENABL.1997.630822","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 172
摘要
强密码方法在网络上验证甚至很小的密码,而不需要与用户一起存储额外的密钥或证书,也不用担心网络字典攻击。我们描述了一个新的扩展,以进一步限制暴露于盗窃存储的密码验证器,并将其应用于几个协议,包括简单密码指数密钥交换(SPEKE)。Alice向Bob证明了密码C的知识,Bob有一个存储的验证者S,其中S=g/sup C/ mod p。他们基于共享秘密S执行SPEKE交换,以获得临时共享密钥K/sub 1/。Bob随机选择一个X并发送g/sup X/ mod p。Alice计算K=g/sup XC/ mod p,并证明了{K/sub 1/,K/sub 2/}的知识。Bob验证了这个结果,以确认Alice知道c。实现问题被总结出来,显示了比Bellovin和Merritt的相对强大的增强加密密钥交换改进性能的潜力。这些方法使密码成为身份验证中较强的独立因素,适用于Internet和intranet。
Extended password key exchange protocols immune to dictionary attack
Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password C to Bob, who has a stored verifier S, where S=g/sup C/ mod p. They perform a SPEKE exchange based on the shared secret S to derive ephemeral shared key K/sub 1/. Bob chooses a random X and sends g/sup X/ mod p. Alice computes K=g/sup XC/ mod p, and proves knowledge of {K/sub 1/,K/sub 2/}. Bob verifies this result to confirm that Alice knows C. Implementation issues are summarized, showing the potential for improved performance over Bellovin and Merritt's comparably strong Augmented-Encrypted Key Exchange. These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
